Re: ipfwadm question
On Tue, 26 Aug 1997, Mario Olimpio de Menezes wrote:
> My linux box acts as a ip-masq for the internal sub-net of
> Windows machines. It has 3 cards: one for output to Internet, with a
> valid IP address and 2 for the internal sub-net.
> IP-Masq is working OK; all machines can telnet, browse, ftp, etc
> to external servers on Internet, being masquerade with the Linux IP.
> I'm using this sintax:
> # ipfwadm -O -a deny -S 0.0.0.0/0 -D some.site.denied/0
>
> but isn't working, since I can connect the denied site from a inside
> machine. What is wrong?
Have you tried:
# ipfwadm -F -p deny
# ipfwadm -F -a masq -S <internal_net> -D 0.0.0.0/0
# ipfwadm -F -i deny -S <internal_net> -D some.site.denied/32
(that is adding a forwarding rule before masquerading)
Ciao
----------------------------------------------------------------------
Dalla Silvestra Michele Other info: finger://dalla@pluto.linux.it
Key fingerprint = 68 02 A9 C7 FB 05 9E 9C C7 B6 4A 13 61 25 5B 43
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-user-request@lists.debian.org .
Trouble? e-mail to templin@bucknell.edu .
Reply to: